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DETAILED ACTION 

1 . This action is responsive to communications: Amendment, fijed 10/26/2007. 

2. Claims 1-3, 5, 6, 9-11, 13-16, 20, 21, 23-26, 30, 31, 33-36, and 39-46 are 
pending in the case. Claims 1, 14, 24 and 39 are independent claims. 

Claim Rejections - 35 (JSC § 103 

1 . The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2. Claims 1-3, 5, 6, 9-11, 13-16, 20, 21, 23-26, 30, 31, 33-36, and 39-46 are 
rejected under 35 U.S.C. 103(a) as being unpatentable over Cheng, U.S. Patent 
No. 6,067,548, issued May 2000, in view of McNally, et al. (hereinafter "McNally"), 
U.S. Patent No. 6,823,513 B1, issued November 2004. 

Independent claim 1 cites: A computer-implemented method for using 
workflows, comprising the steps of: associating workflows with one or more groups in an 
identity system, each group including one or more users of the identity system; 

receiving a request to perform a task that pertains to at least one identity profile 
of an entity in said identity system; and performing a first workflow for said task, said 
first workflow is associated with a first group that includes a target identity profile; 

Cheng teaches a method for using workflows in an identity system, using virtual 
links to associate a workflow with a group that includes a target identity profile (col. 3, 1. 
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15-col. 5, 1. 16). Cheng teaches that the system has organizational objects which are 
sub-groups of the enterprise, such as employees and departments (col. 6, J. 4.0-col. 7,1 
67). Cheng teaches that the organizational model of the system can be applied in 
workflow systems, by using the roles to assign tasks in a workflow system (col. 13, 1. 9- 
col. 16, I. 10; col. 16, I. 10-65). 

Claim 1 also cites: said request includes an identification of said target identity 
profile; said step of performing includes the steps of identifying a plurality of workflows 
that perform said task and are associated with groups that include said target identity 
profile, said set plurality workflows includes said first workflow, reporting said set 
plurality workflows to a user via a Graphical User Interface (GUI), receiving from the 
user a selection of said first workflow from the plurality of workflows, and performing one 
or more steps of said first workflow] 

Cheng teaches that the user may user a graphical user interface to manipulate 
the organizational objects and tasks (col. 11,1. 52-58; col. 12, I. 64-col. 13, I. 33; Fig. 9, 
1 0), which suggests use of a GUI to assign workflows. Cheng teaches that the 
organizational model of the system can be applied in workflow systems, by using the 
roles to assign tasks in a workflow system (col. 13, I. 9-col. 16, 1. 10; col. 16, 1. 10-65). 
However, Cheng does not explicitly teach that the GUI reports a set plurality of 
workflows to perform a task to the user and receives a selection of the workflow from 
the user. McNally is relied upon to teach a workflow distribution process with a GUI 
from which a user can select from a plurality of assigned workflows and perform steps 
of the workflow (col. 5, 1. 61 -col. 6, 1. 59; Figs. 5-8). 
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Claim 1 also cites: wherein; said first workflow comprises a predefined set of 
steps that perform said tasks to affect the target identity profile, said predefined set of 
steps comprising a first step and a second step; 

said first step is performed by a first program; 

said second step is performed by a second program; 

information is passed between said first program and said second program 
according to a defined set of rules: and 

at least one of the first program and the second program is external to the 
workflow. 

Cheng teaches that each workflow comprises a predefined set of steps by more 
than one program, to perform tasks to affect the identity profile or group, and passing 
information between first and second programs according to a defined set of rules (col. 
16, 1. 22-65; col. 17, 1. 5-51). While Cheng does not explicitly teach that at least one of 
the first program and the second program is external to the workflow, McNally teaches 
that at least one of the first program and the second program is external to the workflow, 
because McNally teaches that access to program resources outside the workflow can 
be requested or assigned to an operator (col. 5, 1. 44-col. 7, 1. 52; especially col. 7, I. 3- 
35). 

Both Cheng and McNally are directed to the assignment of workflows and rules 
to users. It would have been obvious to one of ordinary skill in the art at the time of the 
invention to apply the intuitive interface disclosed by McNally to the workflow and 
organization modeling system disclosed by Cheng, since McNally and Cheng 
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recognized the need to limit access to proprietary workflow processes (McNally col. 2, 1. 
33-51) while facilitating collaboration between organizations (Cheng, col. 3, 1. 1-12). 

Regarding dependent claim 2, Cheng teaches associating said first workflow 
with said first group, said step of associating said first workflow includes choosing a first 
entry in a data structure, said data structure is a hierarchical data structure of entities in 
the identity system, said first domain includes said first entry and entries below said first 
entry, because Cheng teaches that the system has organizational objects which are 
sub-groups of the enterprise, such as employees and departments, arranged in a 
hierarchical data structure (col. 6, 1. 40-col. 7, I. 67, Fig. 3, 4). 

Regarding dependent claim 3, Cheng teaches identifying one or more 
workflows associated with a target identity profile, because Cheng teaches that the 
organizational model of the system can be applied in workflow systems, by using the 
roles to assign tasks in a workflow system (col. 13, 1. 9-col. 16, I. 10; col. 16, I. 10-65). 

Regarding dependent claims 5 and 6, Cheng teaches that the user can 
request to delete or modify a target identity profile, because Cheng teaches that the 
identifier and objects of the member class have a life cycle where a member, i.e., 
identity profile can be archived, modified, or deleted (col. 8, I. 1-51; col. 12, 1. 27-64). 

Regarding dependent claim 9, Cheng teaches that said steps of associating, 
receiving and performing are performed by an integrated identity and access system, 
because Cheng teaches a system of interconnected databases with multiple servers for 
identity and access (Fig. 8, col. 11,1. 4-col. 12, I. 26). 
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Regarding dependent claim 10, Cheng teaches that a request may be for self- 
registration, because Cheng teaches a user interface for self registration (col. 12, I. 18- 
64). 

Regarding dependent claim 11, Cheng teaches that workflows can delegate 
work, i.e., tasks, to other workflow processes or resources (col. 13, 1. 9-col. 15, 1. 19). 

Regarding dependent claim 13, Cheng teaches wherein said hierarchical data 
structure includes an LDAP directory (col. 1 5, 1. 14-1 9, Fig. 8). 

In regard to independent claim 14, claim 14 reflects the processor readable 
storage device(s) having processor readable code used to perform the method as 
claimed in claim 1 , and is rejected along the same rationale. 

In regard to dependent claims 15-21 and 23, claims 15-21 and 23 reflect the 
processor readable storage device(s) having processor readable code used to perform 
the method as claimed in claims 2, 3, 4, 7-9, 1 1 , and 13, and are rejected along the 
same rationale. 

In regard to independent claim 24, claim 24 reflects the apparatus used to 
perform the method as claimed in claim 1, and is rejected along the same rationale. 

In regard to dependent claims 25-33, claims 25-31 and 33 reflect the 
apparatus used to perform the method as claimed in claims 2, 3, 4, 7-9, 11, and 13, and 
are rejected along the same rationale. 

Regarding dependent claim 34, Cheng teaches managing a target identity 
profile, because Cheng teaches that the identifier and objects of the member class have 
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a life cycle where a member, i.e., identity profile can be archived, modified, or deleted 
(col. 8, 1.1-51; col. 12,1. 27-64). 

Regarding dependent claim 35, Cheng teaches wherein managing said identity 
profile comprises one or more tasks selected from the group consisting of: creating a 
user, deleting a user, changing a user attribute, creating a group, deleting a group, and 
changing a group attribute, because Cheng teaches that the identifier and objects of the 
member class have a life cycle where a member, i.e., identity profile can be archived, 
modified, or deleted (col. 8, I. 1-51; col. 12, 1. 27-64). 

Regarding dependent claim 36, Cheng teaches managing certificates 
associated with identity profiles (col. 15, I. 4-19). 

Regarding independent claim 39, Cheng teaches associating workflows with 
one or more groups in an identity system, each group including one or more users of 
the identity system and each user of the identity system having an associated identity 
profile] receiving a request to perform a task that pertains to a target identity profile in 
the identity system, wherein the request includes an identification of the target identity 
profile] because Cheng teaches a method for using workflows in an identity system, 
using virtual links to associate a workflow with a group that includes a target identity 
profile (col. 3, 1. 15-col. 5, 1. 16). Cheng teaches that the system has organizational 
objects which are sub-groups of the enterprise, such as employees and departments 
(col. 6, 1. 40-col. 7, I. 67). Cheng teaches that the organizational model of the system 
can be applied in workflow systems, by using the roles to assign tasks in a workflow 
system (col. 13, I. 9-col. 16, 1. 10; col. 16, I. 10-65). 



Application/Control Number: 09/998,895 Page 8 

Art Unit: 2176 

Claim 39 cites: identifying a plurality of workflows that perform the task and are 
associated with groups that include the user associated with the target identity profile- 
reporting the plurality of workflows via a Graphical User Interface (GUI) in response to 
the request; receiving a user selection of a first workflow from the plurality of workflows 
via the GUI] Cheng teaches that the user may user a graphical user interface to 
manipulate the organizational objects and tasks (col. 11,1. 52-58; col. 12, 1. 64-col. 13, 1. 
33; Fig. 9, 10), which suggests use of a GUI to assign workflows. Cheng teaches that 
the organizational model of the system can be applied in workflow systems, by using 
the group roles to assign tasks in a workflow system (col. 13, I. 9-col. 16, 1. 10; col. 16, 1. 
10-65). However, Cheng does not explicitly teach that the GUI reports a set plurality of 
workflows to perform a task to the user and receives a selection of the workflow from 
the user. McNally is relied upon to teach a workflow distribution process with a GUI 
from which a user can select from a plurality of assigned workflows and perform steps 
of the workflow (col. 5, I. 61 -col. 6, 1. 59; Figs. 5-8). 

Claim 39 further cites: performing a first step of said first workflow with a first 
program to affect the target identity profile, wherein the first program comprises one of a 
user manager, a group manager, and an organization manager; and 

performing a second step of said first workflow with a second program, wherein 
the second program comprises one of the user manager, the group manager, and the 
organization manager and wherein the second program is different from the first 
program. Cheng teaches that each workflow comprises a predefined set of steps by 
more than one program, to perform tasks to affect the identity profile or group, and 
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passing information between first and second programs according to a defined set of 
rules (col. 16, 1. 22-65; col. 17, I. 5-51). Cheng teaches that the system executes an 
expression at runtime to determine to who a task should be assigned, as well as 
querying the organizational management system, i.e., a first program of a user manager 
(col. 15, 1. 49-col. 16, 1. 21). Cheng also teaches that a workflow is defined by a 
procedure having a plurality of nodes with relationships defined between, where each of 
the nodes is defined to be performed either by the computer system or by an agent, i.e., 
a second program different from the first program, a part of the organizational 
management system (col. 16, 1. 10-65). 

Both Cheng and McNally are directed to the assignment of workflows and rules 
to users. It would have been obvious to one of ordinary skill in the art at the time of the 
invention to apply the intuitive interface disclosed by McNally to the workflow and 
organization modeling system disclosed by Cheng, since McNally and Cheng 
recognized the need to limit access to proprietary workflow processes (McNally col. 2, I. 
33-51) while facilitating collaboration between organizations (Cheng, col. 3, 1. 1-12). 

Regarding dependent claims 40-43, Cheng teaches that the identifier and 
objects of the member class have a life cycle where a member, i.e., identity profile can 
be archived, modified, or deleted by the authorized user associated with the member 
(col. 8,1. 1-51; col. 12,1.27-64). 

Regarding dependent claim 44, Cheng teaches that said second program 
performs a second workflow to affect the target identity profile, because Cheng teaches 
that each workflow comprises a predefined set of steps by more than one program, to 
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perform tasks to affect the identity profile or group, and passing information between 
first and second programs according to a defined set of rules (col. 16, 1. 22-65; col. 17,J. 
5-51). 

Regarding dependent claim 45, Cheng teaches that the second program is 
identified in an event catalog of the first workflow, since Cheng teaches a flexible and 
dynamic role resolution in the workflow system because there are a plurality of nodes 
with relationships defined between by rules or regular expressions (col. 16, I. 10-65). 

Regarding dependent claim 46, Cheng teaches that the event catalog further 
identifies one or more parameters for passing information between the first program and 
the second program, because Cheng teaches that the system queries which resource 
or who should be allowed or assigned to do the task (col. 16, 1. 60-65). 

Response to Arguments 

1. Applicant's arguments with respect to claims 1-3, 5, 6, 9-11, 13-16, 20, 21, 23-26, 
30, 31, 33-36, and 39-46 have been considered but are moot in view of the new 
ground(s) of rejection. The new grounds of rejection includes the Cheng and McNally 
patents, which were located when a new search was performed in view of the amended 
claims, and which are relied upon to teach the newly claimed limitation, 

reporting said set plurality workflows to a user via a Graphical User Interface 
(GUI), receiving from the user a selection of said first workflow from the plurality of 
workflows, and performing one or more steps of said first workflow; (Claim 1). 
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Conclusion 

1 . The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Collier et al. U.S. Patent No. 5,815,152 issued September 1998 

2. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 

§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will.expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Amelia Rutledge whose telephone number is 571-272- 
7508. The examiner can normally be reached on Monday - Friday 9:30 - 6:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Doug Hutton can be reached on 571-272-4137. The fax phone number for 
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the organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 
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